disable unprivileged userns for regular kernels

2025-07-24 15:25:23 -04:00 · 2021-09-07 22:50:57 -04:00 · 2021-09-07 22:50:57 -04:00 · 5eead0ad5a
commit 5eead0ad5a
parent 87db85274a
1 changed files with 2 additions and 0 deletions
--- a/local.conf
+++ b/local.conf
@ -20,6 +20,8 @@ vm.mmap_rnd_compat_bits = 16

 kernel.kptr_restrict = 2

+kernel.unprivileged_userns_clone = 0
+
 kernel.unprivileged_bpf_disabled = 1
 net.core.bpf_jit_harden = 2